Date: Sun, 7 Mar 2004 13:02:04 -0000 From: "Uwe Kolsch" <ukolsch@gmx.net> To: <freebsd-ipfw@freebsd.org> Subject: logging and dynamic rules Message-ID: <00e701c40444$63d3ab00$cc06a8c0@wax.local>
next in thread | raw e-mail | index | archive | help
Hi, I've set up ipfw2 on 5.2.1 like follows. add 1000 check-state #allow ssh traffic from any to any add 2022 allow log tcp from any to any 22 in setup keep-state This results in every packet of any ssh connection getting logged, not really what I want. I would like to get only the initiation of a ssh connection into the logfile. Without dynamic rules I would just deal with packages of an established connection without logging, but log any request to port 22. Is there any way to achieve this with dynamic rules too. Thanks, Hans Hunger
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00e701c40444$63d3ab00$cc06a8c0>